[37679] in North American Network Operators' Group
RE: Stability of the Internet?
daemon@ATHENA.MIT.EDU (Roeland Meyer)
Mon May 21 18:04:22 2001
Message-ID: <9DC8BBAD4FF100408FC7D18D1F0922860E465A@condor.mhsc.com>
From: Roeland Meyer <rmeyer@mhsc.com>
To: 'Bruce Campbell' <bc@vicious.dropbear.id.au>, nanog@merit.edu
Date: Mon, 21 May 2001 15:06:16 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Errors-To: owner-nanog-outgoing@merit.edu
> From: Bruce Campbell [mailto:bc@vicious.dropbear.id.au]
> Sent: Sunday, May 20, 2001 10:41 PM
>
> On Fri, 18 May 2001, Eric A. Hall wrote:
>
> > There is some (as yet unpublished) research data that says
> ~20% of the
> > queries currently going to the root servers are for invalid
> TLDs (as setup
> > by .private internal operators). Endorsing the use of
> private domains will
> > make this much worse.
>
> There was some mention (cue bill) at the last IETF about an
> endorsement of
> '.int' for internal networks by some insert-dns-clueless-company-here.
> which of course sends (significant?) unwanted traffic towards the .int
> nameservers.
Since INT is for intenational treaty organization, the use of INT internally
would create a collision. Thereby, masking the entire INT TLD from the
clueless org that did that. In past /ICANN/DNSO discussions it has been
suggested, that we reserve a LOCAL or PRIVATE TLD for internal use only. Let
me know what y'all think and which one y'all prefer. My personal preference
is for both (three tiered <Internet>/Local/Private). The next question is;
should this be an RFC?
> A better step would be to thoroughly endorse .private or
> similar, and have
> the distributed root.hints file point it back to the local
> nameserver, so
> such dns traffic does not end up on the cruel and heartless internet.
You gotta be careful here, to not point to a recursive server, for a
non-recursive reference.
> Of course, lack of clue when setting up internal networks will always
> happen (such as allowing those queries out, or not setting up
> a correct
> private tree off your regular domain etc etc).
